HijackRAT Android Banking Malware

The British National Fraud Intelligence Bureau (NFIB) ,Alert and  relaesed a warning of a new malware developed for the Android platform.

The HijackRAT (Remote Access Tool) siphons private data such as text messages and contact details from the device, and goes after banking credentials by replacing banking apps with a spoofed version of those apps.

HijackRAT attacking two-factor authentication mobile banking systems

The HijackRat deletes antivirus software and to evade detection disguises itself as “Google Service Framework”.

The malware target mobile banking apps by attacking at two-factor authentication systems.

The NFIB advises mobile banking users on all platforms;

  • Do not download apps except from the official app store for your device.
  • Before downloading an app check what access it requires, if it asks for access to areas which it shouldn’t need, then be suspicious. Very few apps legitimately need to access your text messages.
  • Format your device regularly to limit the damage caused in case you do acquire malware.
  • If possible do not enable JavaScript or active scripts on the browser of your device.